PT-2019-5174 · Apple+2 · Itunes For Windows+7

Lokihardt

Publicado

2019-01-22

Atualizado

2020-08-24

CVE-2019-6215

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions iOS versions prior to 12.1.3 tvOS versions prior to 12.1.2 Safari versions prior to 12.0.3 iTunes for Windows versions prior to 12.9.3 iCloud for Windows versions prior to 7.10

Description A type confusion issue was addressed with improved memory handling. Processing maliciously crafted web content may lead to arbitrary code execution. The issue can be exploited by a remote attacker using a specially crafted website, potentially allowing them to execute arbitrary code.

Recommendations For iOS versions prior to 12.1.3, update to iOS 12.1.3 or later. For tvOS versions prior to 12.1.2, update to tvOS 12.1.2 or later. For Safari versions prior to 12.0.3, update to Safari 12.0.3 or later. For iTunes for Windows versions prior to 12.9.3, update to iTunes 12.9.3 or later. For iCloud for Windows versions prior to 7.10, update to iCloud for Windows 7.10 or later.

Exploit

Correção

Type Confusion

Incorrect Type Conversion or Cast

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-843CWE-704

Identificadores relacionados

BDU:2020-01845

CVE-2019-6215

OPENSUSE-SU-2019:0308-1

OPENSUSE-SU-2019_0308-1

OPENSUSE-SU-2019_0309-1

SUSE-SU-2019:0497-1

SUSE-SU-2019:0511-1

USN-3889-1

Produtos afetados

Safari

Suse

Ubuntu

Icloud For Windows

Ios

Itunes

Itunes For Windows

Tvos

PT-2019-5174 · Apple+2 · Itunes For Windows+7

CVE-2019-6215

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 51